weird DH problems

Girish Venkatachalam girish1729 at gmail.com
Tue Sep 19 14:47:47 EST 2006


On Tue, Sep 19, 2006 at 02:21:33PM +1000, Darren Tucker wrote:
|Girish Venkatachalam wrote:
|>Dear Damien and Darren,
|>
|>I recently ran into a really weird and spooky ssh problem. My brain
|>is  going to mad trying to explain that it is a hardware issue since on two
|>machines, one of which is a Celeon 2.8 Ghz with 1 GB RAM, another is a
|>Xeon 4 CPU box with 3 Gig RAM and I guess 3 Ghz or something, both of
|>which are running FreeBSD 6.1 with latest version of OpenSSH bundled
|>with it. The version string is
|>SSH-2.0-OpenSSH_4.2p1 FreeBSD-2005090
|>
|>I did a ssh -vvv to them and the problem occurs in kex. And it is
|>absolutely random. Here is some sample output.
|>
|>1) debug1: SSH2_MSG_NEWKEYS sent                                      
|>debug1: expecting SSH2_MSG_NEWKEYS                                    
|>Write failed: Broken pipe                                             
|
|It's not clear from you're describing the client(s) or server(s) above, 
|but the server in this case doesn't happen to be an UltraSPARC does it? 
| If so, what version of OpenSSL does it have?
|
Sorry Darren for the confusion. Both machines running FreeBSD are the servers and the sshd on the server side is dying. I have mentioned above the architectures, none of them are UltraSparc.

Is there something wrong with /dev/*random?

I have tried connecting from FreeBSD itself, OpenBSD and Debian GNU/linux asssh clients. And all of them have problems at different times. And these clients of course are running at my home and they are old crappy i386 boxes. I dont think there is any problem with the client part.

I would have loved u to actually take a look at it urself but the machines do not actually belong to me and that is the reason I am not able to make them available to you. However if you insist I can give you the IPs and you can try connecting. 

What could be the problem? Any clues? Please tell me if this is fixable at all. I wonder what more I can do. :-)

Oh OpenSSL was my first suspicion. 
 ldd /usr/bin/ssh
 /usr/bin/ssh:
    libcrypto.so.4 => /lib/libcrypto.so.4 (0x280a7000)
    libutil.so.5 => /lib/libutil.so.5 (0x28199000)
    libz.so.3 => /lib/libz.so.3 (0x281a5000)
    libcrypt.so.3 => /lib/libcrypt.so.3 (0x281b5000)
    libc.so.6 => /lib/libc.so.6 (0x281cd000)

I assure you my fullest cooperation in clearing this up.

regards,
Girish



More information about the openssh-unix-dev mailing list